WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
Home Page: https://www.enablesecurity.com/
License: BSD 3-Clause "New" or "Revised" License
guys,
I see two tools doing the same thing written using the same language.
Why don't you join forces?
https://github.com/Ekultek/WhatWaf
Thanks
Describe the bug
I installed wafw00f on windows, write in the command line setup.py install it is installed then I enter setup.py --help everything works but when I enter setup.py --url https://test.com it knocks out the link https: // github.com/enablesecurity/wafw00f and that's all
tried python 2.8, 3.8, 3.9 doesn't help
I cloned repo and installed on my OSX system, but nothing is working, getting following error
Traceback (most recent call last):
File "/Users/anuraggoel/opt/anaconda3/bin/wafw00f", line 4, in <module>
__import__('pkg_resources').run_script('wafw00f==1.0.0', 'wafw00f')
File "/Users/anuraggoel/opt/anaconda3/lib/python3.7/site-packages/pkg_resources/__init__.py", line 666, in run_script
self.require(requires)[0].run_script(script_name, ns)
File "/Users/anuraggoel/opt/anaconda3/lib/python3.7/site-packages/pkg_resources/__init__.py", line 1453, in run_script
.format(**locals()),
pkg_resources.ResolutionError: Script 'scripts/wafw00f' not found in metadata at '/Users/anuraggoel/wafw00f/wafw00f.egg-info'
(base) Anurags-MacBook-Pro:wafw00f anuraggoel$ wafw00f -h
Traceback (most recent call last):
File "/Users/anuraggoel/opt/anaconda3/bin/wafw00f", line 4, in <module>
__import__('pkg_resources').run_script('wafw00f==1.0.0', 'wafw00f')
File "/Users/anuraggoel/opt/anaconda3/lib/python3.7/site-packages/pkg_resources/__init__.py", line 666, in run_script
self.require(requires)[0].run_script(script_name, ns)
File "/Users/anuraggoel/opt/anaconda3/lib/python3.7/site-packages/pkg_resources/__init__.py", line 1453, in run_script
.format(**locals()),
pkg_resources.ResolutionError: Script 'scripts/wafw00f' not found in metadata at '/Users/anuraggoel/wafw00f/wafw00f.egg-info'
Traceback (most recent call last):
File "/usr/local/bin/wafw00f", line 4, in
import('pkg_resources').run_script('wafw00f==2.1.0', 'wafw00f')
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 666, in run_script
self.require(requires)[0].run_script(script_name, ns)
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 1453, in run_script
.format(**locals()),
pkg_resources.ResolutionError: Script 'scripts/wafw00f' not found in metadata at '/usr/local/lib/python2.7/dist-packages/wafw00f-2.1.0.dist-info'
$wafw00f
Traceback (most recent call last):
File "/usr/local/bin/wafw00f", line 4, in
import('pkg_resources').run_script('wafw00f==0.9.4', 'wafw00f')
File "/home//.local/lib/python2.7/site-packages/pkg_resources/init.py", line 738, in run_script
self.require(requires)[0].run_script(script_name, ns)
File "/home//.local/lib/python2.7/site-packages/pkg_resources/init.py", line 1499, in run_script
exec(code, namespace, namespace)
File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/EGG-INFO/scripts/wafw00f", line 4, in
from wafw00f import main
File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/wafw00f/main.py", line 53, in
from wafw00f.lib.evillib import oururlparse, scrambledheader, waftoolsengine
File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/wafw00f/lib/evillib.py", line 14, in
from bs4 import BeautifulSoup
File "build/bdist.linux-x86_64/egg/bs4/init.py", line 30, in
File "build/bdist.linux-x86_64/egg/bs4/builder/init.py", line 314, in
File "build/bdist.linux-x86_64/egg/bs4/builder/_html5lib.py", line 70, in
AttributeError: 'module' object has no attribute '_base'
Rolling back the version of html5lib is a functioning workaround:
pip install --upgrade html5lib==1.0b8
It would help if you could add a version number and change log. This would make it easier for the Kali Linux dev team to track.
Successfully Installed wafw00f
root@kali:~/wafw00f# python setup.py install
running install
running bdist_egg
running egg_info
creating wafw00f.egg-info
writing requirements to wafw00f.egg-info/requires.txt
writing wafw00f.egg-info/PKG-INFO
writing top-level names to wafw00f.egg-info/top_level.txt
writing dependency_links to wafw00f.egg-info/dependency_links.txt
writing manifest file 'wafw00f.egg-info/SOURCES.txt'
reading manifest file 'wafw00f.egg-info/SOURCES.txt'
reading manifest template 'MANIFEST.in'
writing manifest file 'wafw00f.egg-info/SOURCES.txt'
installing library code to build/bdist.linux-x86_64/egg
running install_lib
running build_py
creating build
creating build/lib.linux-x86_64-2.7
creating build/lib.linux-x86_64-2.7/wafw00f
copying wafw00f/main.py -> build/lib.linux-x86_64-2.7/wafw00f
copying wafw00f/wafprio.py -> build/lib.linux-x86_64-2.7/wafw00f
copying wafw00f/__init__.py -> build/lib.linux-x86_64-2.7/wafw00f
copying wafw00f/manager.py -> build/lib.linux-x86_64-2.7/wafw00f
creating build/lib.linux-x86_64-2.7/wafw00f/lib
copying wafw00f/lib/proxy.py -> build/lib.linux-x86_64-2.7/wafw00f/lib
copying wafw00f/lib/evillib.py -> build/lib.linux-x86_64-2.7/wafw00f/lib
copying wafw00f/lib/__init__.py -> build/lib.linux-x86_64-2.7/wafw00f/lib
creating build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/powercdn.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/uspses.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/secureiis.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/dotdefender.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/hyperguard.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/ciscoacexml.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/netcontinuum.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/f5bigipasm.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/f5trafficshield.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/nsfocus.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/safedog.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/wzb360.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/denyall.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/missioncontrol.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/nevisproxy.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/incapsula.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/binarysec.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/f5bigipapm.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/webscurity.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/anquanbao.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/f5bigipltm.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/chinacache.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/ibm.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/webknight.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/cloudflare.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/netscaler.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/profense.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/f5firepass.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/airlock.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/isaserver.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/west263cdn.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/urlscan.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/modsecuritycrs.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/betterwpsecurity.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/__init__.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/modsecurity.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/barracuda.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/teros.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/imperva.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
copying wafw00f/plugins/ibmdatapower.py -> build/lib.linux-x86_64-2.7/wafw00f/plugins
creating build/lib.linux-x86_64-2.7/wafw00f/tests
copying wafw00f/tests/test_main.py -> build/lib.linux-x86_64-2.7/wafw00f/tests
copying wafw00f/tests/__init__.py -> build/lib.linux-x86_64-2.7/wafw00f/tests
creating build/bdist.linux-x86_64
creating build/bdist.linux-x86_64/egg
creating build/bdist.linux-x86_64/egg/wafw00f
creating build/bdist.linux-x86_64/egg/wafw00f/lib
copying build/lib.linux-x86_64-2.7/wafw00f/lib/proxy.py -> build/bdist.linux-x86_64/egg/wafw00f/lib
copying build/lib.linux-x86_64-2.7/wafw00f/lib/evillib.py -> build/bdist.linux-x86_64/egg/wafw00f/lib
copying build/lib.linux-x86_64-2.7/wafw00f/lib/__init__.py -> build/bdist.linux-x86_64/egg/wafw00f/lib
copying build/lib.linux-x86_64-2.7/wafw00f/main.py -> build/bdist.linux-x86_64/egg/wafw00f
creating build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/powercdn.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/uspses.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/secureiis.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/dotdefender.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/hyperguard.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/ciscoacexml.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/netcontinuum.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/f5bigipasm.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/f5trafficshield.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/nsfocus.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/safedog.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/wzb360.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/denyall.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/missioncontrol.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/nevisproxy.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/incapsula.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/binarysec.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/f5bigipapm.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/webscurity.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/anquanbao.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/f5bigipltm.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/chinacache.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/ibm.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/webknight.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/cloudflare.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/netscaler.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/profense.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/f5firepass.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/airlock.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/isaserver.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/west263cdn.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/urlscan.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/modsecuritycrs.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/betterwpsecurity.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/__init__.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/modsecurity.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/barracuda.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/teros.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/imperva.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
copying build/lib.linux-x86_64-2.7/wafw00f/plugins/ibmdatapower.py -> build/bdist.linux-x86_64/egg/wafw00f/plugins
creating build/bdist.linux-x86_64/egg/wafw00f/tests
copying build/lib.linux-x86_64-2.7/wafw00f/tests/test_main.py -> build/bdist.linux-x86_64/egg/wafw00f/tests
copying build/lib.linux-x86_64-2.7/wafw00f/tests/__init__.py -> build/bdist.linux-x86_64/egg/wafw00f/tests
copying build/lib.linux-x86_64-2.7/wafw00f/wafprio.py -> build/bdist.linux-x86_64/egg/wafw00f
copying build/lib.linux-x86_64-2.7/wafw00f/__init__.py -> build/bdist.linux-x86_64/egg/wafw00f
copying build/lib.linux-x86_64-2.7/wafw00f/manager.py -> build/bdist.linux-x86_64/egg/wafw00f
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/lib/proxy.py to proxy.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/lib/evillib.py to evillib.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/lib/__init__.py to __init__.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/main.py to main.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/powercdn.py to powercdn.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/uspses.py to uspses.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/secureiis.py to secureiis.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/dotdefender.py to dotdefender.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/hyperguard.py to hyperguard.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/ciscoacexml.py to ciscoacexml.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/netcontinuum.py to netcontinuum.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/f5bigipasm.py to f5bigipasm.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/f5trafficshield.py to f5trafficshield.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/nsfocus.py to nsfocus.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/safedog.py to safedog.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/wzb360.py to wzb360.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/denyall.py to denyall.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/missioncontrol.py to missioncontrol.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/nevisproxy.py to nevisproxy.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/incapsula.py to incapsula.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/binarysec.py to binarysec.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/f5bigipapm.py to f5bigipapm.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/webscurity.py to webscurity.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/anquanbao.py to anquanbao.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/f5bigipltm.py to f5bigipltm.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/chinacache.py to chinacache.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/ibm.py to ibm.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/webknight.py to webknight.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/cloudflare.py to cloudflare.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/netscaler.py to netscaler.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/profense.py to profense.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/f5firepass.py to f5firepass.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/airlock.py to airlock.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/isaserver.py to isaserver.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/west263cdn.py to west263cdn.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/urlscan.py to urlscan.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/modsecuritycrs.py to modsecuritycrs.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/betterwpsecurity.py to betterwpsecurity.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/__init__.py to __init__.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/modsecurity.py to modsecurity.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/barracuda.py to barracuda.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/teros.py to teros.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/imperva.py to imperva.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/plugins/ibmdatapower.py to ibmdatapower.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/tests/test_main.py to test_main.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/tests/__init__.py to __init__.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/wafprio.py to wafprio.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/__init__.py to __init__.pyc
byte-compiling build/bdist.linux-x86_64/egg/wafw00f/manager.py to manager.pyc
creating build/bdist.linux-x86_64/egg/EGG-INFO
installing scripts to build/bdist.linux-x86_64/egg/EGG-INFO/scripts
running install_scripts
running build_scripts
creating build/scripts-2.7
copying and adjusting wafw00f/bin/wafw00f -> build/scripts-2.7
changing mode of build/scripts-2.7/wafw00f from 644 to 755
creating build/bdist.linux-x86_64/egg/EGG-INFO/scripts
copying build/scripts-2.7/wafw00f -> build/bdist.linux-x86_64/egg/EGG-INFO/scripts
changing mode of build/bdist.linux-x86_64/egg/EGG-INFO/scripts/wafw00f to 755
copying wafw00f.egg-info/PKG-INFO -> build/bdist.linux-x86_64/egg/EGG-INFO
copying wafw00f.egg-info/SOURCES.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying wafw00f.egg-info/dependency_links.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying wafw00f.egg-info/requires.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
copying wafw00f.egg-info/top_level.txt -> build/bdist.linux-x86_64/egg/EGG-INFO
zip_safe flag not set; analyzing archive contents...
wafw00f.manager: module references __file__
creating dist
creating 'dist/wafw00f-0.9.4-py2.7.egg' and adding 'build/bdist.linux-x86_64/egg' to it
removing 'build/bdist.linux-x86_64/egg' (and everything under it)
Processing wafw00f-0.9.4-py2.7.egg
removing '/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg' (and everything under it)
creating /usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg
Extracting wafw00f-0.9.4-py2.7.egg to /usr/local/lib/python2.7/dist-packages
wafw00f 0.9.4 is already the active version in easy-install.pth
Installing wafw00f script to /usr/local/bin
Installed /usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg
Processing dependencies for wafw00f==0.9.4
Searching for pluginbase==0.3
Best match: pluginbase 0.3
Processing pluginbase-0.3-py2.7.egg
pluginbase 0.3 is already the active version in easy-install.pth
Using /usr/local/lib/python2.7/dist-packages/pluginbase-0.3-py2.7.egg
Searching for beautifulsoup4==4.4.1
Best match: beautifulsoup4 4.4.1
Processing beautifulsoup4-4.4.1-py2.7.egg
beautifulsoup4 4.4.1 is already the active version in easy-install.pth
Using /usr/local/lib/python2.7/dist-packages/beautifulsoup4-4.4.1-py2.7.egg
Finished processing dependencies for wafw00f==0.9.4
root@kali:~/wafw00f# wafw00f
Traceback (most recent call last):
File "/usr/local/bin/wafw00f", line 4, in <module>
__import__('pkg_resources').run_script('wafw00f==0.9.4', 'wafw00f')
File "build/bdist.linux-x86_64/egg/pkg_resources/__init__.py", line 744, in run_script
File "build/bdist.linux-x86_64/egg/pkg_resources/__init__.py", line 1499, in run_script
File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/EGG-INFO/scripts/wafw00f", line 4, in <module>
from wafw00f import main
File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/wafw00f/main.py", line 53, in <module>
from wafw00f.lib.evillib import oururlparse, scrambledheader, waftoolsengine
File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/wafw00f/lib/evillib.py", line 14, in <module>
from bs4 import BeautifulSoup
File "build/bdist.linux-x86_64/egg/bs4/__init__.py", line 30, in <module>
File "build/bdist.linux-x86_64/egg/bs4/builder/__init__.py", line 314, in <module>
File "build/bdist.linux-x86_64/egg/bs4/builder/_html5lib.py", line 70, in <module>
AttributeError: 'module' object has no attribute '_base'
Describe the bug
When I run apt install wafw00f it installs an old version of wafw00f.
To Reproduce
apt install wafw00f
Expected behavior
Last version installed
Desktop (please complete the following information):
Debug output
➜ / wafw00f -V
^ ^
_ __ _ ____ _ __ _ _ ____
///7/ /.' \ / __////7/ /,' \ ,' \ / __/
| V V // o // _/ | V V // 0 // 0 // _/
|_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
<
...'
WAFW00F - Web Application Firewall Detection Tool
By Sandro Gauci && Wendel G. Henrique
WAFW00F version 0.9.4
Additional context
Add any other context about the problem here.
$ wafw00f --proxy=http://127.0.0.1:8080 https://google.com
^ ^
_ __ _ ____ _ __ _ _ ____
///7/ /.' \ / __////7/ /,' \ ,' \ / __/
| V V // o // _/ | V V // 0 // 0 // _/
|_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
<
...'
WAFW00F - Web Application Firewall Detection Tool
By Sandro Gauci && Wendel G. Henrique
Checking https://google.com
Traceback (most recent call last):
File "/usr/local/bin/wafw00f", line 8, in <module>
main.main()
File "/usr/local/lib/python2.7/site-packages/wafw00f/main.py", line 419, in main
if attacker.normalrequest() is None:
File "/usr/local/lib/python2.7/site-packages/wafw00f/main.py", line 96, in normalrequest
return self.request(usecache=usecache, cacheresponse=cacheresponse, headers=headers)
File "/usr/local/lib/python2.7/site-packages/wafw00f/lib/evillib.py", line 320, in request
r = self._request(method, path, headers)
File "/usr/local/lib/python2.7/site-packages/wafw00f/lib/evillib.py", line 362, in _request
h = conn_factory(connect_host, connect_port,**params)
TypeError: __init__() got an unexpected keyword argument 'context'
Traceback (most recent call last):
File "/usr/bin/wafw00f", line 8, in
main()
TypeError: 'module' object is not callable
root@kali:~/Downloads/pentest/tools/wafw00f/wafw00f# uname -a
Linux kali 4.14.0-kali3-amd64 #1 SMP Debian 4.14.12-2kali1 (2018-01-08) x86_64 GNU/Linux
root@kali:~/Downloads/pentest/tools/wafw00f/wafw00f# wafw00f -l
Traceback (most recent call last):
File "/usr/local/bin/wafw00f", line 4, in
import('pkg_resources').run_script('wafw00f==0.9.4', 'wafw00f')
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 658, in run_script
self.require(requires)[0].run_script(script_name, ns)
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 1429, in run_script
.format(**locals()),
pkg_resources.ResolutionError: Script 'scripts/wafw00f' not found in metadata at '/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4.dist-info'
Hi Any Ideas (I am running this on a persistent USB)
'wafw00f' is not recognized as an internal or external command,
operable program or batch file.
Hello
i installed wafw00f using sudo pip install wafw00f command
but while trying to use it ( wafw00f -p socks5://localhost:9050 -v -a http://example.com ) i got an error message :
Checking http://example.com
Traceback (most recent call last):
File "/usr/local/bin/wafw00f", line 4, in <module>
__import__('pkg_resources').run_script('wafw00f==0.9.4', 'wafw00f')
File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 719, in run_script
self.require(requires)[0].run_script(script_name, ns)
File "/usr/lib/python2.7/dist-packages/pkg_resources/__init__.py", line 1504, in run_script
exec(code, namespace, namespace)
File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/EGG-INFO/scripts/wafw00f", line 8, in <module>
main.main()
File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/wafw00f/main.py", line 363, in main
if attacker.normalrequest() is None:
File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/wafw00f/main.py", line 97, in normalrequest
return self.request(usecache=usecache, cacheresponse=cacheresponse, headers=headers)
File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/wafw00f/lib/evillib.py", line 320, in request
r = self._request(method, path, headers)
File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/wafw00f/lib/evillib.py", line 371, in _request
h.request(method, query_path, headers=headers)
File "/usr/lib/python2.7/httplib.py", line 1057, in request
self._send_request(method, url, body, headers)
File "/usr/lib/python2.7/httplib.py", line 1097, in _send_request
self.endheaders(body)
File "/usr/lib/python2.7/httplib.py", line 1053, in endheaders
self._send_output(message_body)
File "/usr/lib/python2.7/httplib.py", line 897, in _send_output
self.send(msg)
File "/usr/lib/python2.7/httplib.py", line 859, in send
self.connect()
File "/usr/lib/python2.7/httplib.py", line 836, in connect
self.timeout, self.source_address)
File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/wafw00f/lib/proxy.py", line 56, in proxy_create_connection
return socks.create_connection(address, proxy_type=socks.PROXY_TYPE_SOCKS5, proxy_addr=self.host, proxy_port=self.port, source_address=source_address, timeout=timeout)
AttributeError: 'module' object has no attribute 'create_connection'
tor is enabled and works with other tools
~$ service tor status
● tor.service - Anonymizing overlay network for TCP (multi-instance-master)
Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled)
Active: active (exited) ...
wafw00f version
~$ wafw00f --version
WAFW00F version 0.9.4
wafw00f http://jump-help.uber.com:8080
______
/ \
( Woof! )
\ ____/ )
,, ) (_
.-. - _______ ( |__|
()``; |==|_______) .)|__|
/ (' /|\ ( |__|
( / ) / | \ . |__|
\(_)_)) / | \ |__|
~ WAFW00F : v2.0.0 ~
The Web Application Firewall Fingerprinting Toolkit
[*] Checking http://jump-help.uber.com:8080
ERROR:wafw00f:Something went wrong Failed to parse: http://jump-help.uber.com:8080:8080
ERROR:wafw00f:Site jump-help.uber.com appears to be down
The fingerprints in wafw00f presently aren't much to accurately fingerprint a WAF. For example here is a site using dotDefender but still it is detecting it as ModSecurity CRS.
Reasons:
X-dotDefender-denied rarely only upon malicious requests and in older versions only. In the site provided above, there is no such response.dotDefender Blocked Your Request. The actual fingerprint is not even listed amongst the fingerprints in wafw00f. See the demo above.$ python main.py http://assets.esab.com
^ ^
_ __ _ ____ _ __ _ _ ____
///7/ /.' \ / __////7/ /,' \ ,' \ / __/
| V V // o // _/ | V V // 0 // 0 // _/
|_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
<
...'
WAFW00F - Web Application Firewall Detection Tool
By Sandro Gauci && Wendel G. Henrique
Checking http://assets.esab.com
The site http://assets.esab.com is behind a ModSecurity (OWASP CRS)
Number of requests: 9
There are many other plugins affected with the same. It is after fixing all those I'll start working on the new plugins as promised. Maybe after this, people will have to use the -a rarely.
Describe the bug
When passing in multiple target hosts the User-Agent is not present when being deleted.
To Reproduce
Command that reproduces the issue. e.g. wafw00f https://bdb.ai/ https://ataccama.com -vv
Expected behavior
The process should continue onto the next host.
Screenshots
If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
Debug output
Paste the output that you get when passing -vv to wafw00f. Example:
[*] Checking https://bdb.ai/
INFO:wafw00f:Found: 10 webites to check.
INFO:wafw00f:starting wafw00f on https://bdb.ai/
INFO:wafw00f:Request Succeeded
INFO:wafw00f:Request Succeeded
INFO:wafw00f:Checking for ACE XML Gateway (Cisco)
INFO:wafw00f:Checking for aeSecure (aeSecure)
INFO:wafw00f:Checking for AireeCDN (Airee)
INFO:wafw00f:Checking for Airlock (Phion/Ergon)
INFO:wafw00f:Checking for Alert Logic (Alert Logic)
INFO:wafw00f:Checking for AliYunDun (Alibaba Cloud Computing)
INFO:wafw00f:Checking for Anquanbao (Anquanbao)
INFO:wafw00f:Checking for AnYu (AnYu Technologies)
INFO:wafw00f:Checking for Approach (Approach)
INFO:wafw00f:Checking for AppWall (Radware)
INFO:wafw00f:Checking for Armor Defense (Armor)
INFO:wafw00f:Checking for ArvanCloud (ArvanCloud)
INFO:wafw00f:Checking for ASP.NET Generic (Microsoft)
INFO:wafw00f:Checking for ASPA Firewall (ASPA Engineering Co.)
INFO:wafw00f:Checking for Astra (Czar Securities)
INFO:wafw00f:Checking for AzionCDN (AzionCDN)
INFO:wafw00f:Checking for Barikode (Ethic Ninja)
INFO:wafw00f:Checking for Barracuda (Barracuda Networks)
INFO:wafw00f:Checking for Bekchy (Faydata Technologies Inc.)
INFO:wafw00f:Checking for Beluga CDN (Beluga)
INFO:wafw00f:Checking for BIG-IP Local Traffic Manager (F5 Networks)
INFO:wafw00f:Checking for BinarySec (BinarySec)
INFO:wafw00f:Checking for BitNinja (BitNinja)
INFO:wafw00f:Checking for BlockDoS (BlockDoS)
INFO:wafw00f:Checking for Bluedon (Bluedon IST)
INFO:wafw00f:Checking for BulletProof Security Pro (AITpro Security)
INFO:wafw00f:Checking for CacheWall (Varnish)
INFO:wafw00f:Checking for CacheFly CDN (CacheFly)
INFO:wafw00f:Checking for Comodo cWatch (Comodo CyberSecurity)
INFO:wafw00f:Checking for CdnNS Application Gateway (CdnNs/WdidcNet)
INFO:wafw00f:Checking for ChinaCache Load Balancer (ChinaCache)
INFO:wafw00f:Checking for Chuang Yu Shield (Yunaq)
INFO:wafw00f:Checking for Cloudbric (Penta Security)
INFO:wafw00f:Checking for Cloudflare (Cloudflare Inc.)
INFO:wafw00f:Checking for Cloudfloor (Cloudfloor DNS)
INFO:wafw00f:Checking for Cloudfront (Amazon)
INFO:wafw00f:Checking for CrawlProtect (Jean-Denis Brun)
INFO:wafw00f:Checking for DataPower (IBM)
INFO:wafw00f:Checking for DenyALL (Rohde & Schwarz CyberSecurity)
INFO:wafw00f:Checking for Distil (Distil Networks)
INFO:wafw00f:Checking for DOSarrest (DOSarrest Internet Security)
INFO:wafw00f:Checking for DotDefender (Applicure Technologies)
INFO:wafw00f:Checking for DynamicWeb Injection Check (DynamicWeb)
INFO:wafw00f:Checking for Edgecast (Verizon Digital Media)
INFO:wafw00f:Checking for Eisoo Cloud Firewall (Eisoo)
INFO:wafw00f:Checking for Expression Engine (EllisLab)
INFO:wafw00f:Checking for BIG-IP AppSec Manager (F5 Networks)
INFO:wafw00f:Checking for BIG-IP AP Manager (F5 Networks)
INFO:wafw00f:Checking for Fastly (Fastly CDN)
INFO:wafw00f:Checking for FirePass (F5 Networks)
INFO:wafw00f:Checking for FortiWeb (Fortinet)
INFO:wafw00f:Checking for GoDaddy Website Protection (GoDaddy)
INFO:wafw00f:Checking for Greywizard (Grey Wizard)
INFO:wafw00f:Checking for HyperGuard (Art of Defense)
INFO:wafw00f:Checking for Imunify360 (CloudLinux)
INFO:wafw00f:Checking for Incapsula (Imperva Inc.)
INFO:wafw00f:Checking for IndusGuard (Indusface)
INFO:wafw00f:Checking for Instart DX (Instart Logic)
INFO:wafw00f:Checking for ISA Server (Microsoft)
INFO:wafw00f:Checking for Janusec Application Gateway (Janusec)
INFO:wafw00f:Checking for Jiasule (Jiasule)
INFO:wafw00f:Checking for Kona SiteDefender (Akamai)
INFO:wafw00f:Checking for KS-WAF (KnownSec)
INFO:wafw00f:Checking for KeyCDN (KeyCDN)
INFO:wafw00f:Checking for LimeLight CDN (LimeLight)
INFO:wafw00f:Checking for LiteSpeed (LiteSpeed Technologies)
INFO:wafw00f:Checking for Open-Resty Lua Nginx (FLOSS)
INFO:wafw00f:Checking for Oracle Cloud (Oracle)
INFO:wafw00f:Checking for Malcare (Inactiv)
INFO:wafw00f:Checking for MaxCDN (MaxCDN)
INFO:wafw00f:Checking for Mission Control Shield (Mission Control)
INFO:wafw00f:Checking for ModSecurity (SpiderLabs)
INFO:wafw00f:Checking for NAXSI (NBS Systems)
INFO:wafw00f:Checking for Nemesida (PentestIt)
INFO:wafw00f:Checking for NevisProxy (AdNovum)
INFO:wafw00f:Checking for NetContinuum (Barracuda Networks)
INFO:wafw00f:Checking for NetScaler AppFirewall (Citrix Systems)
INFO:wafw00f:Checking for Newdefend (NewDefend)
INFO:wafw00f:Checking for NexusGuard Firewall (NexusGuard)
INFO:wafw00f:Checking for NinjaFirewall (NinTechNet)
INFO:wafw00f:Checking for NullDDoS Protection (NullDDoS)
INFO:wafw00f:Checking for NSFocus (NSFocus Global Inc.)
INFO:wafw00f:Checking for OnMessage Shield (BlackBaud)
INFO:wafw00f:Checking for Palo Alto Next Gen Firewall (Palo Alto Networks)
INFO:wafw00f:Checking for PerimeterX (PerimeterX)
INFO:wafw00f:Checking for PentaWAF (Global Network Services)
INFO:wafw00f:Checking for pkSecurity IDS (pkSec)
INFO:wafw00f:Checking for PT Application Firewall (Positive Technologies)
INFO:wafw00f:Checking for PowerCDN (PowerCDN)
INFO:wafw00f:Checking for Profense (ArmorLogic)
INFO:wafw00f:Checking for Puhui (Puhui)
INFO:wafw00f:Checking for Qiniu (Qiniu CDN)
INFO:wafw00f:Checking for Reblaze (Reblaze)
INFO:wafw00f:Checking for RSFirewall (RSJoomla!)
INFO:wafw00f:Checking for ASP.NET RequestValidationMode (Microsoft)
INFO:wafw00f:Checking for Safe3 Web Firewall (Safe3)
INFO:wafw00f:Checking for Safedog (SafeDog)
INFO:wafw00f:Checking for Safeline (Chaitin Tech.)
INFO:wafw00f:Checking for SecKing (SecKing)
INFO:wafw00f:Checking for eEye SecureIIS (BeyondTrust)
INFO:wafw00f:Checking for SecuPress WP Security (SecuPress)
INFO:wafw00f:Checking for SecureSphere (Imperva Inc.)
INFO:wafw00f:Checking for Secure Entry (United Security Providers)
INFO:wafw00f:Checking for SEnginx (Neusoft)
INFO:wafw00f:Checking for ServerDefender VP (Port80 Software)
INFO:wafw00f:Checking for Shield Security (One Dollar Plugin)
INFO:wafw00f:Checking for Shadow Daemon (Zecure)
INFO:wafw00f:Checking for SiteGround (SiteGround)
INFO:wafw00f:Checking for SiteGuard (Sakura Inc.)
INFO:wafw00f:Checking for Sitelock (TrueShield)
INFO:wafw00f:Checking for SonicWall (Dell)
INFO:wafw00f:Checking for UTM Web Protection (Sophos)
INFO:wafw00f:Checking for Squarespace (Squarespace)
INFO:wafw00f:Checking for SquidProxy IDS (SquidProxy)
INFO:wafw00f:Checking for StackPath (StackPath)
INFO:wafw00f:Checking for Sucuri CloudProxy (Sucuri Inc.)
INFO:wafw00f:Checking for Tencent Cloud Firewall (Tencent Technologies)
INFO:wafw00f:Checking for Teros (Citrix Systems)
INFO:wafw00f:Checking for Trafficshield (F5 Networks)
INFO:wafw00f:Checking for TransIP Web Firewall (TransIP)
INFO:wafw00f:Checking for URLMaster SecurityCheck (iFinity/DotNetNuke)
INFO:wafw00f:Checking for URLScan (Microsoft)
INFO:wafw00f:Checking for UEWaf (UCloud)
INFO:wafw00f:Checking for Varnish (OWASP)
INFO:wafw00f:Checking for Viettel (Cloudrity)
INFO:wafw00f:Checking for VirusDie (VirusDie LLC)
INFO:wafw00f:Checking for Wallarm (Wallarm Inc.)
INFO:wafw00f:Checking for WatchGuard (WatchGuard Technologies)
INFO:wafw00f:Checking for WebARX (WebARX Security Solutions)
INFO:wafw00f:Checking for WebKnight (AQTRONIX)
INFO:wafw00f:Checking for WebLand (WebLand)
INFO:wafw00f:Checking for RayWAF (WebRay Solutions)
INFO:wafw00f:Checking for WebSEAL (IBM)
INFO:wafw00f:Checking for WebTotem (WebTotem)
INFO:wafw00f:Checking for West263 CDN (West263CDN)
INFO:wafw00f:Checking for Wordfence (Defiant)
INFO:wafw00f:Checking for WP Cerber Security (Cerber Tech)
INFO:wafw00f:Checking for WTS-WAF (WTS)
INFO:wafw00f:Checking for 360WangZhanBao (360 Technologies)
INFO:wafw00f:Checking for XLabs Security WAF (XLabs)
INFO:wafw00f:Checking for Xuanwudun (Xuanwudun)
INFO:wafw00f:Checking for Yundun (Yundun)
INFO:wafw00f:Checking for Yunsuo (Yunsuo)
INFO:wafw00f:Checking for Yunjiasu (Baidu Cloud Computing)
INFO:wafw00f:Checking for YXLink (YxLink Technologies)
INFO:wafw00f:Checking for Zenedge (Zenedge)
INFO:wafw00f:Checking for ZScaler (Accenture)
INFO:wafw00f:Checking for AWS Elastic Load Balancer (Amazon)
INFO:wafw00f:Checking for Sabre Firewall (Sabre)
INFO:wafw00f:Checking for Huawei Cloud Firewall (Huawei)
INFO:wafw00f:Identified WAF: []
[+] Generic Detection results:
INFO:wafw00f:Request Succeeded
INFO:wafw00f:Request Succeeded
INFO:wafw00f:Request Succeeded
INFO:wafw00f:Request Succeeded
INFO:wafw00f:Request Succeeded
INFO:wafw00f:starting wafw00f on https://ataccama.com
[-] No WAF detected by the generic detection
[~] Number of requests: 7
[*] Checking https://ataccama.com
INFO:wafw00f:Request Succeeded
INFO:wafw00f:Request Succeeded
INFO:wafw00f:Checking for ACE XML Gateway (Cisco)
INFO:wafw00f:Checking for aeSecure (aeSecure)
INFO:wafw00f:Checking for AireeCDN (Airee)
INFO:wafw00f:Checking for Airlock (Phion/Ergon)
INFO:wafw00f:Checking for Alert Logic (Alert Logic)
INFO:wafw00f:Checking for AliYunDun (Alibaba Cloud Computing)
INFO:wafw00f:Checking for Anquanbao (Anquanbao)
INFO:wafw00f:Checking for AnYu (AnYu Technologies)
INFO:wafw00f:Checking for Approach (Approach)
INFO:wafw00f:Checking for AppWall (Radware)
INFO:wafw00f:Checking for Armor Defense (Armor)
INFO:wafw00f:Checking for ArvanCloud (ArvanCloud)
INFO:wafw00f:Checking for ASP.NET Generic (Microsoft)
INFO:wafw00f:Checking for ASPA Firewall (ASPA Engineering Co.)
INFO:wafw00f:Checking for Astra (Czar Securities)
INFO:wafw00f:Checking for AzionCDN (AzionCDN)
INFO:wafw00f:Checking for Barikode (Ethic Ninja)
INFO:wafw00f:Checking for Barracuda (Barracuda Networks)
INFO:wafw00f:Checking for Bekchy (Faydata Technologies Inc.)
INFO:wafw00f:Checking for Beluga CDN (Beluga)
INFO:wafw00f:Checking for BIG-IP Local Traffic Manager (F5 Networks)
INFO:wafw00f:Checking for BinarySec (BinarySec)
INFO:wafw00f:Checking for BitNinja (BitNinja)
INFO:wafw00f:Checking for BlockDoS (BlockDoS)
INFO:wafw00f:Checking for Bluedon (Bluedon IST)
INFO:wafw00f:Checking for BulletProof Security Pro (AITpro Security)
INFO:wafw00f:Checking for CacheWall (Varnish)
INFO:wafw00f:Checking for CacheFly CDN (CacheFly)
INFO:wafw00f:Checking for Comodo cWatch (Comodo CyberSecurity)
INFO:wafw00f:Checking for CdnNS Application Gateway (CdnNs/WdidcNet)
INFO:wafw00f:Checking for ChinaCache Load Balancer (ChinaCache)
INFO:wafw00f:Checking for Chuang Yu Shield (Yunaq)
INFO:wafw00f:Checking for Cloudbric (Penta Security)
INFO:wafw00f:Checking for Cloudflare (Cloudflare Inc.)
INFO:wafw00f:Checking for Cloudfloor (Cloudfloor DNS)
INFO:wafw00f:Checking for Cloudfront (Amazon)
INFO:wafw00f:Checking for CrawlProtect (Jean-Denis Brun)
INFO:wafw00f:Checking for DataPower (IBM)
INFO:wafw00f:Checking for DenyALL (Rohde & Schwarz CyberSecurity)
INFO:wafw00f:Checking for Distil (Distil Networks)
INFO:wafw00f:Checking for DOSarrest (DOSarrest Internet Security)
INFO:wafw00f:Checking for DotDefender (Applicure Technologies)
INFO:wafw00f:Checking for DynamicWeb Injection Check (DynamicWeb)
INFO:wafw00f:Checking for Edgecast (Verizon Digital Media)
INFO:wafw00f:Checking for Eisoo Cloud Firewall (Eisoo)
INFO:wafw00f:Checking for Expression Engine (EllisLab)
INFO:wafw00f:Checking for BIG-IP AppSec Manager (F5 Networks)
INFO:wafw00f:Checking for BIG-IP AP Manager (F5 Networks)
INFO:wafw00f:Checking for Fastly (Fastly CDN)
INFO:wafw00f:Checking for FirePass (F5 Networks)
INFO:wafw00f:Checking for FortiWeb (Fortinet)
INFO:wafw00f:Checking for GoDaddy Website Protection (GoDaddy)
INFO:wafw00f:Checking for Greywizard (Grey Wizard)
INFO:wafw00f:Checking for HyperGuard (Art of Defense)
INFO:wafw00f:Checking for Imunify360 (CloudLinux)
INFO:wafw00f:Checking for Incapsula (Imperva Inc.)
INFO:wafw00f:Checking for IndusGuard (Indusface)
INFO:wafw00f:Checking for Instart DX (Instart Logic)
INFO:wafw00f:Checking for ISA Server (Microsoft)
INFO:wafw00f:Checking for Janusec Application Gateway (Janusec)
INFO:wafw00f:Checking for Jiasule (Jiasule)
INFO:wafw00f:Checking for Kona SiteDefender (Akamai)
INFO:wafw00f:Checking for KS-WAF (KnownSec)
INFO:wafw00f:Checking for KeyCDN (KeyCDN)
INFO:wafw00f:Checking for LimeLight CDN (LimeLight)
INFO:wafw00f:Checking for LiteSpeed (LiteSpeed Technologies)
INFO:wafw00f:Checking for Open-Resty Lua Nginx (FLOSS)
INFO:wafw00f:Checking for Oracle Cloud (Oracle)
INFO:wafw00f:Checking for Malcare (Inactiv)
INFO:wafw00f:Checking for MaxCDN (MaxCDN)
INFO:wafw00f:Checking for Mission Control Shield (Mission Control)
INFO:wafw00f:Checking for ModSecurity (SpiderLabs)
INFO:wafw00f:Checking for NAXSI (NBS Systems)
INFO:wafw00f:Checking for Nemesida (PentestIt)
INFO:wafw00f:Checking for NevisProxy (AdNovum)
INFO:wafw00f:Checking for NetContinuum (Barracuda Networks)
INFO:wafw00f:Checking for NetScaler AppFirewall (Citrix Systems)
INFO:wafw00f:Checking for Newdefend (NewDefend)
INFO:wafw00f:Checking for NexusGuard Firewall (NexusGuard)
INFO:wafw00f:Checking for NinjaFirewall (NinTechNet)
INFO:wafw00f:Checking for NullDDoS Protection (NullDDoS)
INFO:wafw00f:Checking for NSFocus (NSFocus Global Inc.)
INFO:wafw00f:Checking for OnMessage Shield (BlackBaud)
INFO:wafw00f:Checking for Palo Alto Next Gen Firewall (Palo Alto Networks)
INFO:wafw00f:Checking for PerimeterX (PerimeterX)
INFO:wafw00f:Checking for PentaWAF (Global Network Services)
INFO:wafw00f:Checking for pkSecurity IDS (pkSec)
INFO:wafw00f:Checking for PT Application Firewall (Positive Technologies)
INFO:wafw00f:Checking for PowerCDN (PowerCDN)
INFO:wafw00f:Checking for Profense (ArmorLogic)
INFO:wafw00f:Checking for Puhui (Puhui)
INFO:wafw00f:Checking for Qiniu (Qiniu CDN)
INFO:wafw00f:Checking for Reblaze (Reblaze)
INFO:wafw00f:Checking for RSFirewall (RSJoomla!)
INFO:wafw00f:Checking for ASP.NET RequestValidationMode (Microsoft)
INFO:wafw00f:Checking for Safe3 Web Firewall (Safe3)
INFO:wafw00f:Checking for Safedog (SafeDog)
INFO:wafw00f:Checking for Safeline (Chaitin Tech.)
INFO:wafw00f:Checking for SecKing (SecKing)
INFO:wafw00f:Checking for eEye SecureIIS (BeyondTrust)
INFO:wafw00f:Checking for SecuPress WP Security (SecuPress)
INFO:wafw00f:Checking for SecureSphere (Imperva Inc.)
INFO:wafw00f:Checking for Secure Entry (United Security Providers)
INFO:wafw00f:Checking for SEnginx (Neusoft)
INFO:wafw00f:Checking for ServerDefender VP (Port80 Software)
INFO:wafw00f:Checking for Shield Security (One Dollar Plugin)
INFO:wafw00f:Checking for Shadow Daemon (Zecure)
INFO:wafw00f:Checking for SiteGround (SiteGround)
INFO:wafw00f:Checking for SiteGuard (Sakura Inc.)
INFO:wafw00f:Checking for Sitelock (TrueShield)
INFO:wafw00f:Checking for SonicWall (Dell)
INFO:wafw00f:Checking for UTM Web Protection (Sophos)
INFO:wafw00f:Checking for Squarespace (Squarespace)
INFO:wafw00f:Checking for SquidProxy IDS (SquidProxy)
INFO:wafw00f:Checking for StackPath (StackPath)
INFO:wafw00f:Checking for Sucuri CloudProxy (Sucuri Inc.)
INFO:wafw00f:Checking for Tencent Cloud Firewall (Tencent Technologies)
INFO:wafw00f:Checking for Teros (Citrix Systems)
INFO:wafw00f:Checking for Trafficshield (F5 Networks)
INFO:wafw00f:Checking for TransIP Web Firewall (TransIP)
INFO:wafw00f:Checking for URLMaster SecurityCheck (iFinity/DotNetNuke)
INFO:wafw00f:Checking for URLScan (Microsoft)
INFO:wafw00f:Checking for UEWaf (UCloud)
INFO:wafw00f:Checking for Varnish (OWASP)
INFO:wafw00f:Checking for Viettel (Cloudrity)
INFO:wafw00f:Checking for VirusDie (VirusDie LLC)
INFO:wafw00f:Checking for Wallarm (Wallarm Inc.)
INFO:wafw00f:Checking for WatchGuard (WatchGuard Technologies)
INFO:wafw00f:Checking for WebARX (WebARX Security Solutions)
INFO:wafw00f:Checking for WebKnight (AQTRONIX)
INFO:wafw00f:Checking for WebLand (WebLand)
INFO:wafw00f:Checking for RayWAF (WebRay Solutions)
INFO:wafw00f:Checking for WebSEAL (IBM)
INFO:wafw00f:Checking for WebTotem (WebTotem)
INFO:wafw00f:Checking for West263 CDN (West263CDN)
INFO:wafw00f:Checking for Wordfence (Defiant)
INFO:wafw00f:Checking for WP Cerber Security (Cerber Tech)
INFO:wafw00f:Checking for WTS-WAF (WTS)
INFO:wafw00f:Checking for 360WangZhanBao (360 Technologies)
INFO:wafw00f:Checking for XLabs Security WAF (XLabs)
INFO:wafw00f:Checking for Xuanwudun (Xuanwudun)
INFO:wafw00f:Checking for Yundun (Yundun)
INFO:wafw00f:Checking for Yunsuo (Yunsuo)
INFO:wafw00f:Checking for Yunjiasu (Baidu Cloud Computing)
INFO:wafw00f:Checking for YXLink (YxLink Technologies)
INFO:wafw00f:Checking for Zenedge (Zenedge)
INFO:wafw00f:Checking for ZScaler (Accenture)
INFO:wafw00f:Checking for AWS Elastic Load Balancer (Amazon)
INFO:wafw00f:Checking for Sabre Firewall (Sabre)
INFO:wafw00f:Checking for Huawei Cloud Firewall (Huawei)
INFO:wafw00f:Identified WAF: []
[+] Generic Detection results:
INFO:wafw00f:Request Succeeded
Traceback (most recent call last):
File "/Users/sionsmith/development/oso/bizdev/wafw00f/wafw00f/main.py", line 417, in <module>
main()
File "/Users/sionsmith/development/oso/bizdev/wafw00f/wafw00f/main.py", line 383, in main
if attacker.genericdetect():
File "/Users/sionsmith/development/oso/bizdev/wafw00f/wafw00f/main.py", line 93, in genericdetect
del def_headers['User-Agent'] # Deleting the user-agent key
KeyError: 'User-Agent'
Additional context
I will fix this and open a PR.
Describe the bug
I tried to install wafw00f on Amazon Linux (RHEL) version, I got the error below. I use pip install Sphinx even yum install the Sphinx manually, but it still failed.
Please advise. Thanks
zip_safe flag not set; analyzing archive contents...
wafw00f.manager: module references __file__
Traceback (most recent call last):
File "./setup.py", line 53, in <module>
'Sphinx',
File "/usr/lib/python2.7/site-packages/setuptools/__init__.py", line 145, in setup
return distutils.core.setup(**attrs)
File "/usr/lib64/python2.7/distutils/core.py", line 151, in setup
dist.run_commands()
File "/usr/lib64/python2.7/distutils/dist.py", line 953, in run_commands
self.run_command(cmd)
File "/usr/lib64/python2.7/distutils/dist.py", line 972, in run_command
cmd_obj.run()
File "/usr/lib/python2.7/site-packages/setuptools/command/install.py", line 67, in run
self.do_egg_install()
File "/usr/lib/python2.7/site-packages/setuptools/command/install.py", line 109, in do_egg_install
self.run_command('bdist_egg')
File "/usr/lib64/python2.7/distutils/cmd.py", line 326, in run_command
self.distribution.run_command(command)
File "/usr/lib64/python2.7/distutils/dist.py", line 972, in run_command
cmd_obj.run()
File "/usr/lib/python2.7/site-packages/setuptools/command/bdist_egg.py", line 220, in run
os.path.join(archive_root, 'EGG-INFO'), self.zip_safe()
File "/usr/lib/python2.7/site-packages/setuptools/command/bdist_egg.py", line 273, in zip_safe
return analyze_egg(self.bdist_dir, self.stubs)
File "/usr/lib/python2.7/site-packages/setuptools/command/bdist_egg.py", line 383, in analyze_egg
safe = scan_module(egg_dir, base, name, stubs) and safe
File "/usr/lib/python2.7/site-packages/setuptools/command/bdist_egg.py", line 422, in scan_module
code = marshal.load(f)
EOFError: EOF read where object expected
Hi ,
For now I'm doing something like
for i in $(cat domains.out);do wafw00f $i -r | tail -n +15 | tee -a waf-detection.out ;done
I hope to see this great tool have option to detect list of domains with concurrency set in mind and provide a proper simple text output for the results. That will be so much helpful.
Hi guys,
I see significant changes in the code infrastructure as well as a huge hike in the number of plugins. Is there a release upcoming?
Workaround:
An error reported when the target is reset by waf
wafw00f-2.1.0
I'm getting the following warning:
*
* This package installs one or more Python modules that are not byte-compiled.
* The following files are missing:
*
* /usr/lib64/python2.7/site-packages/wafw00f/main.pyc
* /usr/lib64/python2.7/site-packages/wafw00f/main.pyo
*
* Please either fix the upstream build system to byte-compile Python modules
* correctly, or call python_optimize after installing them. For more
* information, see:
* https://wiki.gentoo.org/wiki/Project:Python/Byte_compiling
This warning was introduced in this version only. Version 2.0 and before are not affected
Describe the bug
Issue on wafw00f v 2.1 when -t arguments is provided.
Err: WAF [waf-name] was not found in our list
To Reproduce
(example) wafw00f -t Wordfence https://www.example.org
Screenshots
If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
Debug output
Paste the output that you get when passing -vv to wafw00f : N/A
# wafw00f -t Wordfence https://www.example.org
WAF Wordfence was not found in our list
Use the --list option to see what is available
but
# wafw00f -l | grep Wordfence
Wordfence (Feedjit)
d0c@Universe:$ sudo apt-get install wafw00f$ sudo wafw00f -l
It goes through the normal install process.
I run it and I get this.
d0c@Universe:
Traceback (most recent call last):
File "/usr/local/bin/wafw00f", line 4, in
from wafw00f import main
File "/usr/local/lib/python3.5/dist-packages/wafw00f/main.py", line 53, in
from wafw00f.lib.evillib import oururlparse, scrambledheader, waftoolsengine
File "/usr/local/lib/python3.5/dist-packages/wafw00f/lib/evillib.py", line 14, in
from bs4 import BeautifulSoup
File "/usr/local/lib/python3.5/dist-packages/bs4/init.py", line 30, in
from .builder import builder_registry, ParserRejectedMarkup
File "/usr/local/lib/python3.5/dist-packages/bs4/builder/init.py", line 314, in
from . import _html5lib
File "/usr/local/lib/python3.5/dist-packages/bs4/builder/_html5lib.py", line 70, in
class TreeBuilderForHtml5lib(html5lib.treebuilders._base.TreeBuilder):
AttributeError: module 'html5lib.treebuilders' has no attribute '_base'
Help?!?! Please...
~/Templates/virtualenv/www.dnsdumpster.net/lib/python3.7/site-packages/wafw00f/main.py in matchHeader(self, headermatch, attack)
162 if attack:
163 r = self.attackres
--> 164 else: r = rq
165 if r is None:
166 return
I have an error using wafw00f where I clone the repo and install wafw00f using
python setup.py install
But
wafw00f --help
results in
Traceback (most recent call last):
File "/usr/bin/wafw00f", line 4, in <module>
__import__('pkg_resources').run_script('wafw00f==2.1.0', 'wafw00f')
File "/usr/lib/python3.8/site-packages/pkg_resources/__init__.py", line 666, in run_script
self.require(requires)[0].run_script(script_name, ns)
File "/usr/lib/python3.8/site-packages/pkg_resources/__init__.py", line 1451, in run_script
raise ResolutionError(
pkg_resources.ResolutionError: Script 'scripts/wafw00f' not found in metadata at '/usr/lib/python3.8/site-packages/wafw00f-2.1.0-py3.8.egg-info'
Device Details:
Linux id10t 5.3.18-1-MANJARO #1 SMP PREEMPT Wed Dec 18 18:34:35 UTC 2019 x86_64 GNU/Linux
Akamai Waf:
https://www.paypal.com/mx/home?cds=ccds%3C%3Cscript%3E
modsecurity fingerprint based on the rules
/?phpsessid=asdfdasfadsads
wafw00f/wafw00f/plugins/modsecurity.py
Line 17 in d0f0a21
if response.reason == 'ModSecurity Action' and response.status == 403:
Describe the bug
A clear and concise description of what the bug is.
To Reproduce
Command that reproduces the issue. e.g. wafw00f http://example.org -a -vv
Expected behavior
A clear and concise description of what you expected to happen.
Screenshots
If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
Debug output
Paste the output that you get when passing -vv to wafw00f. Example:
[*] Checking http://www.example.com
INFO:wafw00f:starting wafw00f on http://www.example.com
INFO:wafw00f:Request Succeeded
INFO:wafw00f:Request Succeeded
INFO:wafw00f:Checking for ACE XML Gateway (Cisco)
INFO:wafw00f:Checking for aeSecure (aeSecure)
INFO:wafw00f:Checking for AireeCDN (Airee)
INFO:wafw00f:Checking for Airlock (Phion/Ergon)
INFO:wafw00f:Checking for Alert Logic (Alert Logic)
INFO:wafw00f:Checking for AliYunDun (Alibaba Cloud Computing)
INFO:wafw00f:Checking for Anquanbao (Anquanbao)
INFO:wafw00f:Checking for AnYu (AnYu Technologies)
INFO:wafw00f:Checking for Approach (Approach)
INFO:wafw00f:Checking for AppWall (Radware)
INFO:wafw00f:Checking for Armor Defense (Armor)
INFO:wafw00f:Checking for ArvanCloud (ArvanCloud)
INFO:wafw00f:Checking for ASP.NET Generic (Microsoft)
INFO:wafw00f:Checking for ASPA Firewall (ASPA Engineering Co.)
INFO:wafw00f:Checking for Astra (Czar Securities)
INFO:wafw00f:Checking for AzionCDN (AzionCDN)
INFO:wafw00f:Checking for Barikode (Ethic Ninja)
INFO:wafw00f:Checking for Barracuda (Barracuda Networks)
INFO:wafw00f:Checking for Bekchy (Faydata Technologies Inc.)
INFO:wafw00f:Checking for Beluga CDN (Beluga)
INFO:wafw00f:Checking for BIG-IP Local Traffic Manager (F5 Networks)
INFO:wafw00f:Checking for BinarySec (BinarySec)
INFO:wafw00f:Checking for BitNinja (BitNinja)
INFO:wafw00f:Checking for BlockDoS (BlockDoS)
INFO:wafw00f:Checking for Bluedon (Bluedon IST)
INFO:wafw00f:Checking for BulletProof Security Pro (AITpro Security)
INFO:wafw00f:Checking for CacheWall (Varnish)
INFO:wafw00f:Checking for CacheFly CDN (CacheFly)
INFO:wafw00f:Checking for Comodo cWatch (Comodo CyberSecurity)
INFO:wafw00f:Checking for CdnNS Application Gateway (CdnNs/WdidcNet)
INFO:wafw00f:Checking for ChinaCache Load Balancer (ChinaCache)
INFO:wafw00f:Checking for Chuang Yu Shield (Yunaq)
INFO:wafw00f:Checking for Cloudbric (Penta Security)
INFO:wafw00f:Checking for Cloudflare (Cloudflare Inc.)
INFO:wafw00f:Checking for Cloudfloor (Cloudfloor DNS)
INFO:wafw00f:Checking for Cloudfront (Amazon)
INFO:wafw00f:Checking for CrawlProtect (Jean-Denis Brun)
INFO:wafw00f:Checking for DataPower (IBM)
INFO:wafw00f:Checking for DenyALL (Rohde & Schwarz CyberSecurity)
INFO:wafw00f:Checking for Distil (Distil Networks)
INFO:wafw00f:Checking for DOSarrest (DOSarrest Internet Security)
INFO:wafw00f:Checking for DotDefender (Applicure Technologies)
INFO:wafw00f:Checking for DynamicWeb Injection Check (DynamicWeb)
INFO:wafw00f:Checking for Edgecast (Verizon Digital Media)
INFO:wafw00f:Identified WAF: ['Edgecast (Verizon Digital Media)']
[+] The site http://www.example.com is behind Edgecast (Verizon Digital Media) WAF.
[~] Number of requests: 2
Additional context
Add any other context about the problem here.
I use parrot os and i used python setup.py install to install it.
When i use wafw00f https://nea-karvali.gr/ with no arguments the output is:
ERROR:root:Site https://www.nea-karvali.gr/ appears to be down.
When using -v option gives me:
WARNING:wafw00f:Could not initialize connection to www.nea-karvali.gr
Whats wrong here?
Traceback (most recent call last):
File "/usr/local/bin/wafw00f", line 4, in
import('pkg_resources').run_script('wafw00f==2.1.0', 'wafw00f')
File "build/bdist.linux-x86_64/egg/pkg_resources/init.py", line 739, in run_script
File "build/bdist.linux-x86_64/egg/pkg_resources/init.py", line 1486, in run_script
pkg_resources.ResolutionError: No script named 'wafw00f'
Instead it throws an exception when installing from source or pip.
Downloading/unpacking wafw00f
Downloading wafw00f-0.9.2.tar.gz
Running setup.py egg_info for package wafw00f
Traceback (most recent call last):
File "<string>", line 14, in <module>
File "/root/build/wafw00f/setup.py", line 24, in <module>
install_requires=get_reqs(),
File "/root/build/wafw00f/setup.py", line 10, in get_reqs
return [str(ir.req) for ir in install_reqs]
File "/usr/lib/python2.7/dist-packages/pip/req.py", line 1240, in parse_requirements
skip_regex = options.skip_requirements_regex
AttributeError: 'NoneType' object has no attribute 'skip_requirements_regex'
Complete output from command python setup.py egg_info:
Traceback (most recent call last):
File "<string>", line 14, in <module>
File "/root/build/wafw00f/setup.py", line 24, in <module>
install_requires=get_reqs(),
File "/root/build/wafw00f/setup.py", line 10, in get_reqs
return [str(ir.req) for ir in install_reqs]
File "/usr/lib/python2.7/dist-packages/pip/req.py", line 1240, in parse_requirements
skip_regex = options.skip_requirements_regex
AttributeError: 'NoneType' object has no attribute 'skip_requirements_regex'
----------------------------------------
Command python setup.py egg_info failed with error code 1 in /root/build/wafw00f
Storing complete log in /root/.pip/pip.log
Demo URL: http://demo.ethic.ninja/?id=%22
Another URL: http://demo01.ethic.ninja
$ python3 main.py "http://www.test.com.us/testtest/testtest/testtest/getAtt.php?cat=Hotels&atts=&lang=C"
^ ^
_ __ _ ____ _ __ _ _ ____
///7/ /.' \ / __////7/ /,' \ ,' \ / __/
| V V // o // _/ | V V // 0 // 0 // _/
|_n_,'/_n_//_/ |_n_,' \_,' \_,'/_/
<
...'
WAFW00F - Web Application Firewall Detection Tool
By Sandro Gauci && Wendel G. Henrique
Checking http://www.test.com.us/testtest/testtest/testtest/getAtt.php?cat=Hotels&atts=&lang=C
Traceback (most recent call last):
File "main.py", line 392, in <module>
main()
File "main.py", line 370, in main
waf = attacker.identwaf(options.findall)
File "main.py", line 269, in identwaf
if self.wafdetections[wafvendor](self):
File "/data/data/com.termux/files/usr/lib/python3.7/site-packages/wafw00f-0.9.6-py3.7.egg/wafw00f/plugins/barracuda.py", line 17, in is_waf
r = attack(self)
File "main.py", line 120, in xssstandard
return self.request(path=xssstringa, usecache=usecache, cacheresponse=cacheresponse)
File "/data/data/com.termux/files/usr/lib/python3.7/site-packages/wafw00f-0.9.6-py3.7.egg/wafw00f/lib/evillib.py", line 320, in request
r = self._request(method, path, headers)
File "/data/data/com.termux/files/usr/lib/python3.7/site-packages/wafw00f-0.9.6-py3.7.egg/wafw00f/lib/evillib.py", line 378, in _request
responsebody = response.read()
File "/data/data/com.termux/files/usr/lib/python3.7/http/client.py", line 460, in read
s = self._safe_read(self.length)
File "/data/data/com.termux/files/usr/lib/python3.7/http/client.py", line 612, in _safe_read
raise IncompleteRead(b''.join(s), amt)
http.client.IncompleteRead: IncompleteRead(157 bytes read, 383 more expected)
$
Checking http://www.hpeonesphere.com
Generic Detection results:
The site http://www.hpeonesphere.com seems to be behind a WAF or some sort of security solution
Reason: The server header is different when an attack is detected.
The server header for a normal response is "nginx/1.13.6", while the server header a response to an attack is "awselb/2.0.",
Number of requests: 13
Hi,
The waf https://www.cloudprotector.com/ is not detected by Wafw00f.
It is easy to discover: it announces a banner:
"R&S®Cloud Protector by Rohde & Schwarz Cybersecurity ©2001-2021"
you can try here:
https://www.wedivorce.fr/?r=../../../passwd
Thierry
$ wafw00f http://balancepayout.paypal.com
Traceback (most recent call last):
File "/usr/local/bin/wafw00f", line 4, in <module>
__import__('pkg_resources').run_script('wafw00f==2.1.0', 'wafw00f')
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 658, in run_script
self.require(requires)[0].run_script(script_name, ns)
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 1438, in run_script
exec(code, namespace, namespace)
File "/usr/local/lib/python3.6/dist-packages/wafw00f-2.1.0-py3.6.egg/EGG-INFO/scripts/wafw00f", line 8, in <module>
main.main()
File "/usr/local/lib/python3.6/dist-packages/wafw00f-2.1.0-py3.6.egg/wafw00f/main.py", line 442, in main
if attacker.genericdetect():
File "/usr/local/lib/python3.6/dist-packages/wafw00f-2.1.0-py3.6.egg/wafw00f/main.py", line 142, in genericdetect
attackresponse_server = response.headers.get('Server')
AttributeError: 'NoneType' object has no attribute 'headers'
i wanted to know how can i get sanitized output - with clear indication whether WAF is detected or not (instead of graphical representations of WAFW00F logo/ dog image and other stuff - i want simple - WAF detected = Yes/No - if detected then name of WAF)
I install -
root@kali:~# pip install wafw00f
Collecting wafw00f
Downloading wafw00f-0.9.4.tar.gz
Collecting beautifulsoup4==4.4.1 (from wafw00f)
Downloading beautifulsoup4-4.4.1-py2-none-any.whl (81kB)
100% |████████████████████████████████| 81kB 588kB/s
Collecting pluginbase==0.3 (from wafw00f)
Downloading pluginbase-0.3-py2-none-any.whl
Building wheels for collected packages: wafw00f
Running setup.py bdist_wheel for wafw00f ... done
Stored in directory: /root/.cache/pip/wheels/79/ce/04/86e806fc62bf5d51878808f48ca4ce8dbe4719178fac9afacd
Successfully built wafw00f
Installing collected packages: beautifulsoup4, pluginbase, wafw00f
Found existing installation: beautifulsoup4 4.6.0
Not uninstalling beautifulsoup4 at /usr/lib/python2.7/dist-packages, outside environment /usr
Successfully installed beautifulsoup4-4.4.1 pluginbase-0.3 wafw00f-0.9.4
but get
root@kali:~# wafw00f -l
Traceback (most recent call last):
File "/usr/local/bin/wafw00f", line 4, in <module>
from wafw00f import main
File "/usr/local/lib/python2.7/dist-packages/wafw00f/main.py", line 53, in <module>
from wafw00f.lib.evillib import oururlparse, scrambledheader, waftoolsengine
File "/usr/local/lib/python2.7/dist-packages/wafw00f/lib/evillib.py", line 14, in <module>
from bs4 import BeautifulSoup
File "/usr/local/lib/python2.7/dist-packages/bs4/__init__.py", line 30, in <module>
from .builder import builder_registry, ParserRejectedMarkup
File "/usr/local/lib/python2.7/dist-packages/bs4/builder/__init__.py", line 314, in <module>
from . import _html5lib
File "/usr/local/lib/python2.7/dist-packages/bs4/builder/_html5lib.py", line 70, in <module>
class TreeBuilderForHtml5lib(html5lib.treebuilders._base.TreeBuilder):
AttributeError: 'module' object has no attribute '_base'
Any recommendation ?
After trying to install i got this error
C:\wafw00f-master>python setup.py install
running install
running bdist_egg
running egg_info
writing requirements to wafw00f.egg-info\requires.txt
writing wafw00f.egg-info\PKG-INFO
writing top-level names to wafw00f.egg-info\top_level.txt
writing dependency_links to wafw00f.egg-info\dependency_links.txt
reading manifest file 'wafw00f.egg-info\SOURCES.txt'
reading manifest template 'MANIFEST.in'
writing manifest file 'wafw00f.egg-info\SOURCES.txt'
installing library code to build\bdist.win-amd64\egg
running install_lib
running build_py
installing scripts to build\bdist.win-amd64\egg\EGG-INFO\scripts
running install_scripts
running build_scripts
copying wafw00f.egg-info\PKG-INFO -> build\bdist.win-amd64\egg\EGG-INFO
copying wafw00f.egg-info\SOURCES.txt -> build\bdist.win-amd64\egg\EGG-INFO
copying wafw00f.egg-info\dependency_links.txt -> build\bdist.win-amd64\egg\EGG-INFO
copying wafw00f.egg-info\requires.txt -> build\bdist.win-amd64\egg\EGG-INFO
copying wafw00f.egg-info\top_level.txt -> build\bdist.win-amd64\egg\EGG-INFO
zip_safe flag not set; analyzing archive contents...
creating 'dist\wafw00f-0.9.6-py2.7.egg' and adding 'build\bdist.win-amd64\egg' to it
Traceback (most recent call last):
File "setup.py", line 50, in <module>
test_suite='nose.collector',
File "C:\Python27\lib\site-packages\setuptools\__init__.py", line 129, in setup
return distutils.core.setup(**attrs)
File "C:\Python27\lib\distutils\core.py", line 151, in setup
dist.run_commands()
File "C:\Python27\lib\distutils\dist.py", line 953, in run_commands
self.run_command(cmd)
File "C:\Python27\lib\distutils\dist.py", line 972, in run_command
cmd_obj.run()
File "C:\Python27\lib\site-packages\setuptools\command\install.py", line 67, in run
self.do_egg_install()
File "C:\Python27\lib\site-packages\setuptools\command\install.py", line 109, in do_egg_install
self.run_command('bdist_egg')
File "C:\Python27\lib\distutils\cmd.py", line 326, in run_command
self.distribution.run_command(command)
File "C:\Python27\lib\distutils\dist.py", line 972, in run_command
cmd_obj.run()
File "C:\Python27\lib\site-packages\setuptools\command\bdist_egg.py", line 234, in run
dry_run=self.dry_run, mode=self.gen_header())
File "C:\Python27\lib\site-packages\setuptools\command\bdist_egg.py", line 497, in make_zipfile
visit(z, dirname, files)
File "C:\Python27\lib\site-packages\setuptools\command\bdist_egg.py", line 490, in visit
z.write(path, p)
File "C:\Python27\lib\zipfile.py", line 1125, in write
mtime = time.localtime(st.st_mtime)
ValueError: (22, 'Invalid argument')
Any idea how it could be fixed?
OS:Win10
wafw00f https://xn--p8j5cxcyjlcygn342e-comwebmail.ec.us-east-1.cpair.dev.braintree.tools
error:
Traceback (most recent call last):
File "/usr/local/bin/wafw00f", line 4, in <module>
__import__('pkg_resources').run_script('wafw00f==2.1.0', 'wafw00f')
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 658, in run_script
self.require(requires)[0].run_script(script_name, ns)
File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 1438, in run_script
exec(code, namespace, namespace)
File "/usr/local/lib/python3.6/dist-packages/wafw00f-2.1.0-py3.6.egg/EGG-INFO/scripts/wafw00f", line 8, in <module>
main.main()
File "/usr/local/lib/python3.6/dist-packages/wafw00f-2.1.0-py3.6.egg/wafw00f/main.py", line 423, in main
rq = attacker.normalRequest()
File "/usr/local/lib/python3.6/dist-packages/wafw00f-2.1.0-py3.6.egg/wafw00f/main.py", line 43, in normalRequest
return self.Request()
File "/usr/local/lib/python3.6/dist-packages/wafw00f-2.1.0-py3.6.egg/wafw00f/lib/evillib.py", line 83, in Request
allow_redirects=self.allowredir, params=params, verify=False)
File "/usr/local/lib/python3.6/dist-packages/requests/api.py", line 76, in get
return request('get', url, params=params, **kwargs)
File "/usr/local/lib/python3.6/dist-packages/requests/api.py", line 61, in request
return session.request(method=method, url=url, **kwargs)
File "/usr/local/lib/python3.6/dist-packages/requests/sessions.py", line 530, in request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python3.6/dist-packages/requests/sessions.py", line 643, in send
r = adapter.send(request, **kwargs)
File "/usr/local/lib/python3.6/dist-packages/requests/adapters.py", line 449, in send
timeout=timeout
File "/usr/local/lib/python3.6/dist-packages/urllib3/connectionpool.py", line 677, in urlopen
chunked=chunked,
File "/usr/local/lib/python3.6/dist-packages/urllib3/connectionpool.py", line 381, in _make_request
self._validate_conn(conn)
File "/usr/local/lib/python3.6/dist-packages/urllib3/connectionpool.py", line 978, in _validate_conn
conn.connect()
File "/usr/local/lib/python3.6/dist-packages/urllib3/connection.py", line 371, in connect
ssl_context=context,
File "/usr/local/lib/python3.6/dist-packages/urllib3/util/ssl_.py", line 386, in ssl_wrap_socket
return context.wrap_socket(sock, server_hostname=server_hostname)
File "/usr/lib/python3.6/ssl.py", line 407, in wrap_socket
_context=self, _session=session)
File "/usr/lib/python3.6/ssl.py", line 809, in __init__
server_hostname)
File "/usr/lib/python3.6/encodings/idna.py", line 214, in decode
result.append(ToUnicode(label))
File "/usr/lib/python3.6/encodings/idna.py", line 139, in ToUnicode
raise UnicodeError("IDNA does not round-trip", label, label2)
UnicodeError: ('IDNA does not round-trip', b'xn--p8j5cxcyjlcygn342e-comwebmail', b'xn--p8j5cxcyjlcygn342e-upmz7bxaebnai')
Hi, this is generally more of a question/guidance while I try to develop a plugin.
I'm trying to write a plugin for AWS WAF detection. You can see my current state at https://github.com/d-j-c/wafw00f/blob/master/wafw00f/plugins/aws.py
AWS WAF is interesting as it is an API called by CloudFront - so the identifiers are of CloudFront, not of the WAF - the way to detect the WAF is to run tests and see if a 403 is returned from CloudFront. However even without the WAF enabled CloudFront returns 403 if such conditions as a mangled header is submitted.
What I am finding is that if I turn off the WAF I am still falsely detecting AWS WAF because of 403s being returned from CloudFront by checks of the other plugins. For example isaserver.py submits an invalid Host, CloudFront returns 403 and my plugin goes 'oh yup, that must be AWS WAF'.
My question is - is there a way to 'strict' match a plugin - I want to return positive if only the checks within the aws.py plugin return true (I've tested the default attack checks and CloudFront does not return 403 to any of these).
Describe the bug
While installing wafw00f in python 2.7 the setup is not smooth because beautifulsoup4, soupsieve needs backports.functools_lru_cache to work well with python 2.7 i believe we should add backports.functools_lru_cache dependencies for an error-free installation in python 2.7
To Reproduce
Try setup.py in python 2.7
Screenshots
nexusguard.com
Server: 2.0.0.20.20.973a686
...
<!DOCTYPE html><html lang="en" ng-app="myApp" ng-controller="errormain"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><meta http-equiv="X-UA-Compatible" content="ie=edge"><title></title><style> html,body,div{padding: 0; margin: 0;}</style></head><body><iframe id="autherframe" frameBorder="0" src="https://speresources.nexusguard.com/wafpage/index.html#403;104.244.73.126;4nugIQAAAAAAAAAAaPRJfqWn;403" height="100%" width="100%"></iframe><script>var doc=document,autherframe=doc.getElementById("autherframe");var frameWin=autherframe.contentWindow;var frameDoc=autherframe.contentWindow.document;var frameBody=autherframe.contentWindow.document.body;autherframe.onload=function(){this.height=window.innerHeight>600?window.innerHeight:"600px";this.scrolling=window.innerHeight>600?"no":"yes"};</script></body></html>
ip: 104.244.73.126 (google data saver)
Hi Sandro , i followed those steps
hany@HP-Pro:~/toolz$ sudo git clone https://github.com/sandrogauci/wafw00f
Cloning into 'wafw00f'...
remote: Counting objects: 454, done.
remote: Total 454 (delta 0), reused 0 (delta 0), pack-reused 454
Receiving objects: 100% (454/454), 124.68 KiB | 153.00 KiB/s, done.
Resolving deltas: 100% (252/252), done.
hany@HP-Pro:~/toolz/wafw00f$ sudo python setup.py install
Traceback (most recent call last):
File "setup.py", line 4, in
from setuptools import setup, find_packages
Thanks
Hello,
I may be just dumb, but consulting the man page, I do not see a way to change the port from 443? My server is HTTP only, on port 80. I get:
ERROR:wafw00f:Something went wrong HTTPSConnectionPool(host='10.10.236.161', port=443): Max retries exceeded with url: / (Caused by NewConnectionError('<urllib3.connection.HTTPSConnection object at 0x7ff02aa35b80>: Failed to establish a new connection: [Errno 111] Connection refused'))
ERROR:wafw00f:Site 10.10.236.161 appears to be down
The manpage says "Sends a normal HTTP request", but judging from the port and the object, it appears to be HTTPS?
Getting the following output when running the tool against different sites.
root@kali:~# wafw00f -a https://google.com -v
Traceback (most recent call last):
File "/usr/local/bin/wafw00f", line 4, in
import('pkg_resources').run_script('wafw00f==0.9.4', 'wafw00f')
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 739, in run_script
self.require(requires)[0].run_script(script_name, ns)
File "/usr/lib/python2.7/dist-packages/pkg_resources/init.py", line 1494, in run_script
exec(code, namespace, namespace)
File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/EGG-INFO/scripts/wafw00f", line 4, in
from wafw00f import main
File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/wafw00f/main.py", line 53, in
from wafw00f.lib.evillib import oururlparse, scrambledheader, waftoolsengine
File "/usr/local/lib/python2.7/dist-packages/wafw00f-0.9.4-py2.7.egg/wafw00f/lib/evillib.py", line 14, in
from bs4 import BeautifulSoup
File "build/bdist.linux-x86_64/egg/bs4/init.py", line 30, in
File "build/bdist.linux-x86_64/egg/bs4/builder/init.py", line 314, in
File "build/bdist.linux-x86_64/egg/bs4/builder/_html5lib.py", line 70, in
AttributeError: 'module' object has no attribute '_base'
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.